How the Story of a USB Penetration Test Went Viral
Summary
This article revisits a viral Dark Reading story from twenty years ago about a penetration tester who used rigged USB drives planted in a credit union's parking lot to gain initial access. The piece features a discussion with the original author, Steve Stasiukonis, alongside Dark Reading's senior editor and editor-in-chief, reflecting on the incident's impact.
IFF Assessment
The article details a successful social engineering tactic involving USB drives, which remains a relevant threat vector for defenders to be aware of.
Defender Context
This story highlights the enduring effectiveness of physical social engineering techniques, such as the USB drop attack, which can still bypass many technical security controls. Defenders should maintain vigilance and educate users about the risks associated with plugging in unknown or found devices.